Posted
by
timothy
on Thursday March 17, 2016 @05:18AM
from the unblaming-the-secondary-victim dept.

Mickeycaskill writes: A preliminary ruling from a European Court of Justice Advocate General has said it is not reasonable for owners of public Wi-Fi hotspots to be held liable for copyright infringement committed by users on these networks. Sony took legal action against a German business owner after a third party allegedly illegally downloaded music to which the record label owned the rights to on the basis the network should have been secured. However this view has been rejected by the Advocate General who says it is impossible for all public Wi-Fi to be secured. His recommendation will now be debated by European judges.

Third party hotspot providers should not be liable for stopping piracy. Anymore then being liable for hackers who use a hotspot to attack other devices. The only exception to this, is when the hotspot provider could be shown to aid or provide direct assistance in obtaining pirated content. If your simply provided access to the internet, you cannot possible be held responsible to know what ever user of that access point is doing.

Please feel free to send this message (preferably in German) to the FINE German government which thinks that hotspot providers should be held liable. I guess, Germany is the only ba^H^H country on earth which has such a FINE law. However, for the present German government, the Internet is the "undiscovered country".

I realize that the law works differently for little people and all(though it's not as though Team Media have been shy about insisting that basically everyone who in some way facilitates internet use should have a responsibility to protect their precious 'content' for them, from ISPs to search engines); but I'm a trifle baffled by how it could even be a serious question whether somebody operating an internet-connected wifi AP is responsible for the actions of the users of that AP. More or less everyone accepts that ISPs, telcos, and the like can't possibly be held responsible for every last dumb or criminal thing that their customers do or we'd have to shut down basically everything; and isn't a public AP just a particularly small last-mile ISP with even less practical ability to keep tabs on its customers(since it may not have much info on them, compared to ISPs that know where you live or have your billing information; and is atypically likely to be operated as an amenity by technically unsophisticated proprietors of a coffee shop/hotel/etc. rather than by an ISP that may have clueless tier 1 reps; but can't stay in business without at least some hardcore NOC types in the background).

Yes, operating a hotspot for the benefit of your business off the cheapest 'home' internet plan may be a breach of your ISP's ToS; but that's a totally separate issue, to be taken up between you and them if they care so much, and not relevant to your culpability for what 3rd parties do on your hotspot.

More or less everyone accepts that ISPs, telcos, and the like can't possibly be held responsible for every last dumb or criminal thing that their customers do or we'd have to shut down basically everything

No... adult rational people accept this. Lawyers of media companies such as Sony do not accept this, and they would like to be able to sue ISPs over it, at least if they cannot easily "recover" $$$ and cease-and-decist from the end-user.

So... how exactly do you propose preventing piracy over a public hotspot? Should a cafe hire someone to go around, demanding customers to show him what they're doing on their phones and laptops? Should they record all traffic going over the hotspot, and analyze it for pirate-like behavior, invading the privacy of everyone using it? Get rid of all public hotspots? That's what this is really all about - shutting down public hotspots to force all Internet traffic into places where each access to a pirate site can be linked to a specific person.

When the cure is worse than the disease, rational people just learn to live with the disease. The entire global music industry only makes about $15 billion/yr in revenue (movie industry is about $88 billion/yr). Yet they've got the government doing backflips to accommodate them imposing all sorts of crazy restrictions on the $100 billion/yr search industry, $400 billion/yr software industry, $500 billion/yr ISP industry, $1 trillion/yr electronics industry, and now the $500 billion/yr hotel industry and $3.5 trillion/yr restaurant industry. When the bug gets too annoying, you'll find it's easier to squash it than to try to be nice and allow it to live.

You have to remember that the media people are stuck in the 20th century. For example, in the UK if a business has a radio for staff, they must ensure that that the public can't hear it because that would require a licence. If there is a back office the door must be closed and the volume kept low enough that customers out the front can't hear it, and the BPI will send people round to check. It's that stupid.

So from their point of view, offering a service like wifi that makes the cafe more attractive to patrons but also allows them to pirate music means that the cafe owner must be liable. It's nonsense of course, but they can only think in 20th century terms and concepts like being a "carrier" only apply to other huge corporations, not peons.

While you are technically correct it's not actually the law in the UK . The PRS are the people who will come round and check (not the BPI) and they're not so much a licensing authority as a club that most of the artists, bands, labels etc are members of. It's basically a protection racket dressed up in shiney clothes. If you limited your musical output to non-PRS-registered artists then TECHNICALLY you wouldn't need a PRS license. Technically is in capital letters, because you are little people and they are

Well the former case at least involves intentionally using the music, which you can resolve using the off button. The latter is more like being charged with aiding copyright infringement selling blank CDs because the customer might make pirated copies. I hope he wins, because it's really a bizarre law.

I just hope it hold up till a final ruling. I also am pretty sure that posting a 'download your child porn her as anon dor free with a coffee' will not be a legal slogan for anybody.

What is interesting is that providers need to keep connection data for two years. So if they see somebody downloading childporn from everyday at 08:07-08:09 at the stations Starbucks, it is still possible to get a court order to get more data and set up an operation to arrest the person.

Just a bit more work. And that is a good thing as it will prevent random searches. A thing Germany has a bit of experience in and the USoA are getting aware of it.

"...has said it is not reasonable for owners of public Wi-Fi hotspots to be held liable for copyright infringement committed by users on these networks. Sony took legal action against a German business owner after a third party allegedly illegally downloaded music..."

But why do I expect people reading the summary in first place? I guess I must be new here.

What is interesting is that providers need to keep connection data for two years. So if they see somebody downloading childporn from everyday at 08:07-08:09 at the stations Starbucks, it is still possible to get a court order to get more data and set up an operation to arrest the person.

I think today's criminals are smart enough to defeat this way of doing things. Heck, one has 24 hrs a day, 365 days a year! Easy to defeat in my opinion.

And then they won't get the resources.When you file a lawsuit concerning one person, many courts in the world will laugh in your face. Why it worked here was they, most likely, went after a store that offers free Internet to their customers and the reasoning is that the store makes money from it.Making mony from copyright is followed up on, handing it out free is not. At least in Belgium and I could see that being the case in other countries as

Darling, I'm not aware of what the Polish government is doing and I actually couldn't care less, however, an intelligent ruling on a piracy case doesn't magically erase or make up for all the bad things the EU has done and is doing: the TTIP, the Maastricht rules, the Fiscal Compact, the substantial failure of the single currency, the progressive erasure of the national identities and cultures, the inability to handle the refugee crisis, and, most importantly, blackmailing Greece and Portugal into accepting

I hope those intelligent judges will be appointed to the national constitutional courts of their own countries.

Sadly not in the UK. Nothing to do with the fact that there is no national constitution but that the government (which is going to be Conservative for several decades after their planned boundary changes [newstatesman.com] during this session) will give the content mafia free rein to persecute citizens. Although, to be fair, a Labour government would probably be as supine to the content mafia.

Or at the very least (because financial institutions want to stay in the EU because it's profitable) change the rules so that the UK can ignore the EU court rulings. Because the UK government don't WANT to have these sensible rulings from people they can't pressure. Judicial appointments in the UK are candies to hand out to "responsible bodies" who will do the right thing by them.

It's also why both labour and conservative want to remove the HoL, and why Tony Blair salted so many peers into the HoL (and the

It is not a preliminary ruling per se but an Opinion registered by the General Advocate - usually the court follows his arguments but only then it will be a ruling. Nevertheless is this a great step towards a open wifi in some of the EU states. The case centers around a german law which forces you, if running a hotspot, to ensure that your hotspot is not used to violate IP (by using passwords or providing detailed logs afaik - as if that would help). But the law also determines that you can be hold liable if IP violations are committed using your hotspot without those countermeasures. That is what happened in this case as the party seeking this ruling was billed 800,- for alleged IP violations by Sony.
As far as the registered Opinion goes it seems that the EU court will uphold the rights of free speech instead of hindering it by making wifi operators liable.

The case that got escalated to the EU court is as described in the blurb, but it's not a new situation at all. It got escalated because Sony sued "the wrong guy", a Pirate Party member and Freifunk activist who didn't just cave when Sony's lawyers demanded 800 EUR because someone had shared music via his open wireless network. The concept is called "Störerhaftung", which means that while you're not liable for the copyright infraction as such, you are liable for the hazard created by operating the Wifi in a way that doesn't prevent the infraction. This concept is the reason why publicly accessible Wifi is a rarity in Germany, and mostly operated by large ISPs, whereas public hotspots are ubiquitous in other European countries. The current "solution" that is used by Freifunk and many other hotspot operators is to tunnel all traffic from the Wifi hotspot through a VPN provider in a different country that doesn't have this liability-by-proxy concept (usually the Netherlands). This way the traffic isn't traced back to the operator of the Wifi hotspot and the lawyers can't collect hundreds of Euros for sending a letter, as they have been doing for at least 10 years. Angela Merkel's party is still fighting to keep public Wifi as useless as possible by requiring all sorts of hoops that a hotspot operator has to jump through to be exempted from being liable by proxy. So, this is not Germany leading the EU to enlightenment. It's one guy in Germany trying to force Germany to catch up to its neighbors.

The case that got escalated to the EU court is as described in the blurb, but it's not a new situation at all. It got escalated because Sony sued "the wrong guy", a Pirate Party member and Freifunk activist who didn't just cave when Sony's lawyers demanded 800 EUR because someone had shared music via his open wireless network. The concept is called "Störerhaftung", which means that while you're not liable for the copyright infraction as such, you are liable for the hazard created by operating the Wifi in a way that doesn't prevent the infraction. This concept is the reason why publicly accessible Wifi is a rarity in Germany, and mostly operated by large ISPs, whereas public hotspots are ubiquitous in other European countries. The current "solution" that is used by Freifunk and many other hotspot operators is to tunnel all traffic from the Wifi hotspot through a VPN provider in a different country that doesn't have this liability-by-proxy concept (usually the Netherlands). This way the traffic isn't traced back to the operator of the Wifi hotspot and the lawyers can't collect hundreds of Euros for sending a letter, as they have been doing for at least 10 years. Angela Merkel's party is still fighting to keep public Wifi as useless as possible by requiring all sorts of hoops that a hotspot operator has to jump through to be exempted from being liable by proxy. So, this is not Germany leading the EU to enlightenment. It's one guy in Germany trying to force Germany to catch up to its neighbors.

They've been using this to blackmail small businesses for years. I staid at a hotel in Austria which did not offer WiFi. When I asked them why the manageress said they got taken to the cleaners for several thousand euros over some idiot who bittorrented copyrighted crap over their WiFi. This sentence should have been passed years ago. Making WiFi operators pay content owners damages for the activity of bittorenters on their network is like punishing municipalities for the fact that smugglers are transportin

Wrong/. summary: The Court didn't say anything, an Advocate General did. I don't know if even calling it a "ruling" as TFA does is correct. It's an Opinion and the Court may or may not follow it (p=0.8 [out-law.com]).

But if they do follow it, does this override national regulations such as German fucking Störerhaftung? And what about the legal enforcement of "captive portals" for free Wifi that break HTTP and are just impossible for HTTPS and non-web services (email etc.)?

The link in the article seems unrelated (other than it's also about alleged "piracy"). The Register [theregister.co.uk] has some better background on the current case. It's about a Munich Pirate Party member who offers unencumbered free wifi in his audio/lighting store.

[Sony's] lawyers asked McFadden to put a password on it and take countermeasures, such as port blocking. The advisor to the Court in Europe today reckons that he can tell them to get stuffed.

German Pirate Party activist Patrick Breyer called it [patrick-breyer.de] a victory agains

I previously had a router that often shat its pants and reset to default configuration. Of course, its default was open/no password.
As all my devices could still work it often took me a while to notice.
As I lived in a built up area, who knows what others were downloading on my unsecured WiFi hotspot?
Should I be liable for/all/ of it??

Of course you should be held liable. By your own admission you knew of the problem and didn't fix it. End of story.

Just for you to understand: a safe harbor situation happens only the the Internet access provider takes place to track access: either individual logins + passwords or tracking activity and storing the logs for N years. Absent such measures the access provider is liable for actions originating from his/her access point.

In the EU there is only a requirement for ISPs to monitor users, other providers (wifi, VPN etc) don't need to keep any data.

In the EU, there is no requirement of data retention at all any more – there was, for some years, but this was struck down by the CJEU in the Digital Rights Ireland [europa.eu] case.

However, the European directive would have covered providers of Wi-Fi services: it uses the term "publicly available electronic communications services". (Article 3(1) directive 2006/24/EC [europa.eu]).

I'm oblivious to EU laws and precedent regarding this, but I wonder if this case would have an (positive?) legal implications for TOR exit node operators...

The most interesting part of the opinion, in my view, was the clear statement that someone offering free public Wi-Fi to their customers did so as part of the "economic context" of their shop, even though they do not charge directly for it.

The reason why this is important is that the shielding law in question here — Art. 212, directive 2000/31/EC [europa.eu] — can be invoked only by those providing an "information society service". This is defined as:

"any service normally provided for remuneration, at a distance, by means of electronic equipment for the processing (including digital compression) and storage of data, and at the individual request of a recipient of a service"